303825c88444803079d8aba74161229e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

303825c88444803079d8aba74161229e_JaffaCakes118
Size

45KB
MD5

303825c88444803079d8aba74161229e
SHA1

1d4199f103e2e928da236c957f2351a555eca9e2
SHA256

a3aac4b3138f846592dbad340a44c8c29a3ff5a56cb194bbbb77121483fb474a
SHA512

5ff9842dd4841aed4fdafa7a97ee5c3a9eb5f79a61988a0fe7703df3f6e839b0347e7df2bf868196297f2cb27189ac4d47f26225d6dbce80904c693e24292f47
SSDEEP

768:ZorqkiVRbu6WjUcK2qviE6LwPFvTl7hu/mTbunllMoUJM:wqlI6dp3R6C9Jtu/mTbYlXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
303825c88444803079d8aba74161229e_JaffaCakes118

Files

303825c88444803079d8aba74161229e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

557918b1a852e9bd22ab246d03e50f7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExA
GetLastError
GlobalFindAtomW
SetThreadPriority
GetDiskFreeSpaceW
PrepareTape
LoadLibraryA
GetConsoleFontInfo
NlsGetCacheUpdateCount
ReadConsoleInputExA
OpenProcess
GetProcAddress
MoveFileWithProgressA
Process32FirstW
BuildCommDCBW
GetConsoleCommandHistoryW
lstrcat
GetLargestConsoleWindowSize
OpenMutexA
VirtualProtectEx
GetCurrentProcess
EnumCalendarInfoW
GetEnvironmentStringsA

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE